How can I access (forward) the public HTTP request IP address inside a docker compose network?
With the following setup:
only the YARP container has published ports. It correctly sets the X-Forward* headers for other containers to use. But unfortunately it's the docker compose gateway address.
When I want to log the (public) client's IP address, I get ::ffff:172.18.0.1 which is the docker compose gateway IP address. Somehow I need to tell docker to put the public IP address in the X-Forward-For header which then will be used by my reverse proxy.
My containers run inside their own network:
services:
yarp:
...
networks:
- mynet
I can see the created network:
$ docker network ls
NETWORK ID NAME DRIVER SCOPE
2bf19f507987 dockercompose1502733..._mynet bridge local
and to see the details:
$ docker network inspect 2bf
[
{
"Name": "dockercompose1502733..._mynet",
"Id": "2bf...",
"Created": "...",
"Scope": "local",
"Driver": "bridge",
"EnableIPv6": false,
"IPAM": {
"Driver": "default",
"Options": null,
"Config": [
{
"Subnet": "172.18.0.0/16",
"Gateway": "172.18.0.1" // this is the address I get for public requests
}
]
},
"Internal": false,
"Attachable": true,
"Ingress": false,
"ConfigFrom": {
"Network": ""
},
"ConfigOnly": false,
"Containers": {
"b82645911...": {
"Name": "YARP",
"EndpointID": "fb1b...",
"MacAddress": "02:42:ac:...",
"IPv4Address": "172.18.0.10/16",
"IPv6Address": ""
},
...
},
"Options": {},
"Labels": {
"com.docker.compose.network": "mynet",
"com.docker.compose.project": "dockercompose1502733...",
"com.docker.compose.version": "1.29.2"
}
}
]
You could do network_mode: host for the reverse proxy service:
https://docs.docker.com/compose/compose-file/#network_mode
Be mindful though, because:
host: which gives the container raw access to host’s network interface
It looks like this is your only solution: https://github.com/docker/roadmap/issues/157
I assume this is a production workload, you might be better off migrating to kubernetes where you certainly will face other set of problems :) but this one is not a problem at least with ingress-nginx I was able to configure it.
- docker --device works with absolute device path, fails with symlink
- Replacing character in dockerfile variable - error: missing ':' in substitution
- MongooseError: Operation `clientusers.findOne()` buffering timed out after 10000ms
- Connect application to database when they are in separate docker containers
- Docker NLTK Download
- COPY with docker but with exclusion
- VMware Photon - Clair cannot scan Photon container vulnerability on vSphere
- How can I delete all local Docker images?
- File is not found in docker
- Getting real client IP Address instead of Nginx Container's IP Address on Dockerized Next.js and Nestjs app | X-Forwarded-For
- Error: " The command could not be loaded, possibly because:" while trying to start a selenium docker container
- Dynamically get a running container name created by docker-compose
- How to connect from VSCode to a mysql docker container?
- Docker gets error "failed to compute cache key: not found" - runs fine in Visual Studio
- Docker login failing (at most 1 argument)
- Docker and playwright
- How do I use Docker environment variable in ENTRYPOINT array?
- Docker Desktop - WSL update failed
- Problem with creating server in pgadmin 4, unable to connect to server
- How to properly configure label-studio to use redis as a data source (in a docker)
- Unauthenticated requests do not have permission "artifactregistry.repositories.uploadArtifacts"
- Check architecture in dockerfile to get amd/arm
- Sudden I/O errors with docker-compose
- How do I tell buildroot to include boost in the host toolchain
- Error starting mariaDB on docker-compose build
- Nginx Reverse proxy to Sonarqube not working. Getting 500 error
- Docker create image with all installed applications
- How to start Docker container only after another container is exited
- Get docker-compose.yml file location from running container?
- Run OpenSearch image in Docker on GitHub Actions